﻿<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
	/*
 *      Admin.php
 *      
 *      Copyright 2011 godfather.typhoon.tycoon@banme <chungnguyenhuu911@gmail.com>
 *      
 *      This program is free software; you can redistribute it and/or modify
 *      it under the terms of the GNU General Public License as published by
 *      the Free Software Foundation; either version 2 of the License, or
 *      (at your option) any later version.
 *      
 *      This program is distributed in the hope that it will be useful,
 *      but WITHOUT ANY WARRANTY; without even the implied warranty of
 *      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *      GNU General Public License for more details.
 *      
 *      You should have received a copy of the GNU General Public License
 *      along with this program; if not, write to the Free Software
 *      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *      MA 02110-1301, USA.
 *      
 *      
 */

	class  Admin   extends  CI_Controller{
		
		function  Admin  (){
			//parent::CI_Controller();
			
			}
		function __construct(){
			parent::__construct();
			/*
			 * 
			 * init library, url, database,...
			 * 
			 */
			 $this->lang->load('messages','vietnamese'); 
			 $this->lang->load('form_validation','vietnamese');
		}
		function index(){
			if(!$this->session->userdata($this->config->item('admin_session_name'))){
				redirect('admin/login', 'refesh');
				return;
			}else{
				redirect('product', 'refesh');
				return;
			}
		}
		function login(){
			$data = array();
			/*
			Validation
			*/
			$this->form_validation-> set_rules('username', $this->lang->line('lang.i18n.messages.form.username'), 'trim|required|min_length[6]|max_length[32]|xss_clean');
			$this->form_validation-> set_rules('password', $this->lang->line('lang.i18n.messages.form.password'), 'trim|required|min_length[6]|max_length[32]|xss_clean');
			if ($this->form_validation->run() == FALSE){
				$data['main_content'] = 'manager/login';
				$this->load->view('templates/manager/template_login', $data);
				return;
			}else{
				$username = $this->input->post('username', TRUE);
				$password = $this->input->post('password', TRUE);
				
				$sql = "SELECT `id`, `username`, `admin`,`logined`, `email` FROM `users` ";
				$sql .= "WHERE `username` = ? AND `password` = ? ";
				$sql .= "AND status = 'active' AND admin > 0 limit 1 ";
				
				$query = $this->db->query($sql, array($username, SHA1(md5($password)))); 
				$user = null;
				
				if($query->num_rows() > 0){
					
					$user = $query->row_array();
					$this->session->set_userdata('go_admin', $user);
					redirect('product', 'refesh');
					return;
					//$data['main_content'] = 'manager/product';
					//$this->load->view('templates/manager/template', $data);
				}else{
					$data['login_message'] =  $this->lang->line('lang.i18n.messages.manager.home.re_pass_fail');
					$data['main_content'] = 'manager/login';
					$this->load->view('templates/manager/template_login', $data);
					return;
				}
			}
		}
		
		/*
		 * Admin logout 
		 * 
		 */ 
		function logout(){
			/*
			 * destroy admin session 
			 * redirect to the view
			 */
			$this->session->unset_userdata('go_admin');
			$this->session->sess_destroy();
			redirect('admin/login', 'refesh');
			return;
			/*
			$data['main_content'] = 'manager/login';
			$this->load->view('templates/manager/template_login', $data);
			*/
		}
		/*
		 * Edit user profile
		 * Permistion admin (without root admin)
		 * Edit only email and password
		 */ 
		function editProfile(){
			$data = array();
			$this->form_validation-> set_rules('email', $this->lang->line('lang.i18n.messages.form.email'), 'trim|valid_email|max_length[64]|xss_clean');
			$this->form_validation-> set_rules('password', $this->lang->line('lang.i18n.messages.form.password'), 'trim|min_length[6]|alpha_dash|max_length[32]|xss_clean');
			$this->form_validation-> set_rules('rePassword', $this->lang->line('lang.i18n.messages.form.re_password'), 'trim|alpha_dash|matches[password]|xss_clean');
			
			if($this->input->post('email')=="" && $this->input->post('password') == ""&& $this->input->post('rePassword') == ""){
			
				$data['login_message'] = $this->lang->line('lang.i18n.messages.manager.home.without_edit_param');
				$data['main_content'] = 'manager/editprofile';
				$this->load->view('templates/manager/template', $data);
				return;
			}
			if ($this->form_validation->run() == FALSE){
				$data['login_message'] = "";
				$data['main_content'] = 'manager/editprofile';
				$this->load->view('templates/manager/template', $data);
				return;
			}else{
				if($this->input->post('rePassword', TRUE) != $this->input->post('password', TRUE)){
					$data['login_message'] = $this->lang->line('lang.i18n.messages.manager.home.re_pass_fail');
					$data['main_content'] = 'manager/editprofile';
					$this->load->view('templates/manager/template', $data);
					return;
				}
				$data['login_message'] = "Cập nhật thành công";
				$go_admin = $this->session->userdata('go_admin');
				$user = $this->getUser($go_admin['username']);
				$username = $user['username'];
				$email = $this->input->post('email', TRUE);
				$password = $this->input->post('password', TRUE);
				$newPassword = $this->input->post('rePassword', TRUE);
				$sql = "UPDATE `users` SET `email` = ?, `password` = ? ";
				$sql .= "WHERE `username` = ? ";
				$query = $this->db->query($sql, array($email, SHA1(md5($password)), $username));
				$data['main_content'] = 'manager/editprofile';
				$this->load->view('templates/manager/template', $data);
				return;
			}
			
		}
		
		/*
		*Get User
		*/
		function getUser($username = ""){
			$username = $this->input->post('username', TRUE);
			$sql = "SELECT `email`,`username`, `password` FROM `users` ";
			$sql .= "WHERE `username` = ? ";
			$sql .= "AND status = 'active' AND admin > 0 ";
			$query = $this->db->query($sql, array($username)); 
			$user = null;
			if($query->num_rows() > 0){
				$user = $query->row_array();
				if(!empty($user)){
					return $user;
				}
			}
			return null;
		}
		
		/* Permistion: root admin
		 * Remove user from database
		 * 
		 */ 
		function deleteUser(){
			if($this->input->post('username')){
				/*
				 * Get param from request
				 * using xss_filter: TRUE
				 */ 
				$username = $this->input->post('username', TRUE);
				$sql = "DELETE FROM  `users` ";
				$sql .= "WHERE `username` = ? ";
				//$sql .= "AND logined = 0;";
				$query = $this->db->query($sql, array($username)); 
			}
		}
		/*
		 * When admin logined to website
		 * We'll update field logined inside table users: logined = 1 and else logined = 0
		 * 
		 */ 
		function updateLogin($username, $status = -1){
			$sql = "UPDATE `users` SET logined  = ? ";
			$sql .= " WHERE `username` = ? ";
			
			$query = $this->db->query($sql, array($username, $status)); 
		}
		function checkMail($email = ""){
			$sql = "SELECT `id` FROM `users` ";
			$sql .= "WHERE `email` = ?";
			$query = $this->db->query($sql, array($email)); 
			if($query->num_rows() > 0){
				return 1;
			}
			return -1;
		}
	}
?>
